Function module for Company code Authorization check

Former Member — Wed, 05 Dec 2012 15:55:36 GMT

Hi There,

I need a function module where i can perform authorization check for company code .Below is the function module which is a example of a authorization of user id check where i pass user id for which i need to perform the aucthorization check.likewise i need another function module where i can pass company code.

CALL FUNCTION 'AUTHORITY_CHECK'

EXPORTING

field1 = 'ACTVT'

object = 'Z_BOOK' "Auth object

user = USER_ID

value1 = '04' "

EXCEPTIONS

user_is_authorized = 0

user_dont_exist = 1

user_not_authorized = 2

user_is_locked = 3

OTHERS = 4.

Please do the needfull.

Thanks,

Jyotsana

Re: Function module for Company code Authorization check

former_member189779 — Wed, 05 Dec 2012 16:10:57 GMT

AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'

ID 'ACTVT' FIELD '03'

ID 'BUKRS' FIELD C_BUK1.

check SY-SUBRC = 0.

You can make addition for User Press F1 on Authority check

AUTHORITY-CHECK OBJECT auth_obj [FOR USER user]
                        ID id1 {FIELD val1}|DUMMY
                       [ID id2 {FIELD val2}|DUMMY]
                        ...
                       [ID id10 {FIELD val10}|DUMMY].

Addition:

... FOR USER user

Effect

This statement checks whether an authorization is entered in the user master record of the current user or of the user specified in user for the authorization object entered in the field auth_obj, and whether this authorization is sufficient for the request specified in the statement. auth_obj expects a flat character-like field containing the name of an authorization object. If the addition FOR USER is not specified, the authorization of the current user is checked.

If id1 ... id10 is specified, you must have at least one and a maximum of 10 different authorization fields listed for the authorization object specified. id1 ... id10 expects flat character-like fields containing the names of the authorization fields in uppercase. If an authorization field is specified that does not appear in the authorization object, checks are not possible and sy-subrc is set to 4. Each specified authorization field expects either a value to be checked by FIELD in a flat character-like field val1 ... val10 or the addition DUMMY.

The authorization check is carried out if the check indicator for the specified authorization object for the current context is set to check with any proposal status. If the check indicator is set to no check, no authorization check is carried out and sy-subrc is set to 0, as with a successful check.

The authorization check is successful if one or more authorizations are created for the authorization object in the user master record and if, for at least one of the authorizations, each of the value sets defined there for the authorization fields specified using FIELD includes the value val1 ... val10 to be checked. Authorization fields that are not included in the statement or that have DUMMY specified for them are not checked. If the check is successful, sy-subrc is set to 0. Otherwise, it is set to a value not equal to 0 (see below).

System Fields

sy-subrc	Meaning
0	Authorization successful or no check was carried out. An authorization for the authorization object was found in the user master record. Its value sets include the specified values.
4	Authorization check not successful. One or more authorizations were found for the authorization object in the user master record and they include the value sets, but not the values specified, or incorrect authorization fields or too many fields were specified.
12	No authorization was found for the authorization object in the user master record.
24	This return code is no longer set.
40	An invalid user ID was specified in user.

topic Re: Function module for Company code Authorization check in Application Development and Automation Discussions

Function module for Company code Authorization check

Re: Function module for Company code Authorization check